Is AI safe for sensitive business data?

An honest answer for Dutch SMEs · Orellis

It depends on how it is built. Safety comes from four things: where the data lives, whether a human keeps final say, whether every step is logged, and how little the model is allowed to see. Get those right and AI is safe for sensitive work. Get them wrong and it is not.

That answer is less satisfying than "yes" or "no," but it is the true one. "AI" is not a single thing that is safe or unsafe — it is a workflow you assemble from a model, your data, and a set of decisions about how the two meet. The risk lives in those decisions. So does the safety.

The four things that decide it

When we build a workflow for a Dutch SME, these are the four boundaries we design and document. They are also the four questions worth asking any vendor before you let AI near a real file.

Data residency

What we build is designed for EU data residency — the workflow and the model endpoints it calls are chosen so the data stays in the EU, and we document which provider and region each step runs in.

Human keeps final say

We build the draft step, never the send step. A named person reviews every output before it is filed, sent, or signed. The system never decides on its own.

Audit trail

Every prompt and every output is logged. When someone asks how a filing or a message was produced, there is a written record — not a memory.

The model sees only what it needs

Each step is scoped to the fields that task requires, and personal data is kept out where the result does not need it. Exposure is minimized on purpose, then written down.

The questions you'd ask first

Does my client data leave the EU?

What we build is designed for EU data residency: the workflow and the model endpoints it calls are chosen so the data stays in the EU. We document which provider and region each step runs in, so you can show exactly where the data went. The audit that comes first needs none of your data — anonymized samples or a conversation about how the work flows is enough.

Can AI hallucinate something into a legal or financial document?

Yes — a language model can produce confident text that is wrong. That risk is real, and it is exactly why we build the draft step and never the send step. The AI assembles from your source documents and flags what it could not find. A named person reviews every draft next to its sources before anything is filed, sent, or signed.

Who is liable when the AI is wrong?

You are — the same as today, when a junior drafts something a senior signs. A tool does not take on legal responsibility, and any vendor who implies it does is overselling. We design the workflow so a human keeps final say and the decision is logged, which means liability sits where it always did: with the person who signs off.

Does the AI train on my data?

The workflows we build are designed to use model providers on terms where your inputs are not used to train their models, and we document which provider and setting applies to each step. We do not control a model provider's policies — we select for the terms that keep your data out of training and write down what we selected, so the answer is verifiable rather than a promise.

Is this GDPR / AVG compliant?

Compliance depends on your specific data, your legal basis, and the agreements in place — not on a tool alone. We are not your legal advisor. What we do is design the workflow so the compliance decisions are documented: where data sits, what the model sees, who reviews output, and which processor agreement (verwerkersovereenkomst) applies. Your counsel signs off on that design; we make it reviewable.

What about the EU AI Act?

The EU AI Act sorts uses by risk tier, and obligations like human oversight and transparency depend on which tier your use falls into. Most back-office assembly work for an SME is lower-risk, but that is a judgment your legal counsel should confirm for your case. We build human oversight and an audit trail in by default, which are the controls the higher tiers ask for.

What data does the model actually see?

Only what the specific step needs. We scope each workflow so the model sees the fields required for that task and nothing more — and where personal data is not needed for the result, we design the step to keep it out. The point is to minimize exposure on purpose, then write down what the model can and cannot see so it is a documented boundary, not an assumption.

Do you need access to our systems?

Not for the audit. The first step is a 30-minute conversation about how the work flows — no logins, no data, no preparation. If a build follows, access is scoped to the specific workflow and agreed in writing first. We do not ask for broad access to systems we are not automating.

Can we see how a filing or message was produced?

Yes. Every prompt and every output in the workflows we build is logged, so there is a written record of how a given draft was produced and who approved it. When a regulator, a client, or a partner asks how something was made, the answer is on file rather than in someone's memory.

When AI is not safe — and we'll say so

The honest version of this page has to include the cases where the answer is no. If a workflow looks like one of these, we would tell you not to automate it — or to fix the setup first.

When you want autonomous output into a regulated filing

If the goal is for AI to send a customs declaration, a tax filing, or a legal document with no human reading it first, that is the unsafe version. We do not build the send step into regulated work. If a vendor offers to, that is the moment to walk.

When the data cannot leave its current system at all

Some data is governed so tightly that it should not move to any external model, full stop. If that is your situation, the honest answer may be that this workflow is not a fit for AI yet — or only for a step that never touches the sensitive field.

When no one has time to review the output

The human check is what makes the rest safe. If the real reason for wanting AI is that there is nobody to review anything, automating the draft does not solve that — it just moves the unreviewed risk faster. We would rather scope a smaller workflow that someone can actually check.

When the task is judgment, not assembly

AI is good at the assembly work around a decision. It is not a substitute for the decision. If what you are hoping to hand over is the expert judgment itself — the call a regulator or a client is paying your firm to make — that is not what we build, and we will say so on the first call.

This is an operational framing, not legal advice. Whether a specific use is GDPR/AVG compliant or falls under a given EU AI Act tier depends on your data architecture and your legal basis. We document the design decisions; your legal counsel signs off on them.

How Orellis approaches it

Short version: we are built to make the four boundaries above real and reviewable for one workflow at a time. The audit comes first — a 30-minute conversation, no system access, no data — and we only build once the workflow is mapped and the boundaries are agreed in writing. The human review step is the part we never remove. It is the product.

We review everything that ships. This page was drafted with our own AI stack and reviewed by a human before it shipped. That review discipline is the product.

Find out where AI is safe for your work

Tell us how one workflow runs today and we'll tell you, honestly, whether AI fits it — and where the boundaries would sit. No system access. No data. A human reply.
